<?php
  include __DIR__."/config/cors.php";
  include __DIR__."/database.php";

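  // Comment-submission endpoint: reads `nid`, `context` and `username` from the
  // query string, resolves the username to a user id and inserts one row into
  // `review`. Every outcome is reported as a JSON object {code, msg}:
  //   200 stored, 201 user lookup failed, 202 username missing,
  //   203 nid/context missing or malformed, 204 insert failed.
  //
  // NOTE(review): the caller's identity is taken solely from the `username`
  // query parameter; no session or token check is visible in this file, so the
  // server cannot tell whether the caller really is that user. Identity should
  // come from server-side authentication state. (cors.php / database.php are
  // not shown here; confirm nothing there already enforces this.)
  // NOTE(review): this is a state-changing request served over GET, so comment
  // text ends up in URLs (access logs, Referer headers) and the request needs
  // cross-site request forgery protection; POST plus a CSRF token is the usual
  // shape.

  // Plain lookups instead of the `@` operator: a missing key still yields null,
  // but unrelated warnings are no longer silenced.
  $nid = isset($_GET['nid']) ? $_GET['nid'] : null;
  $context = isset($_GET['context']) ? $_GET['context'] : null;
  $username = isset($_GET['username']) ? $_GET['username'] : null;

  // Single place that serialises a response, so every branch emits the same shape.
  $reply = function ($code, $msg) {
    echo json_encode([
        "code" => $code,
        "msg"=> $msg
      ]);
  };

  if ($username === null) {
    $reply(202, "请登陆后在评论");
    exit;
  }

  if ($nid === null || $context === null) {
    $reply(203, "必要参数传递有误");
    exit;
  }

  // `?nid[]=x` style parameters arrive as arrays and would be interpolated into
  // the SQL below as the literal text "Array"; reject anything that is not a
  // plain string. This is input hygiene only, not an injection defence.
  if (!is_string($nid) || !is_string($context) || !is_string($username)) {
    $reply(203, "必要参数传递有误");
    exit;
  }

  $db = new DB();

  // NOTE(review): SQL injection. Both statements below are built by placing
  // request values directly inside quoted SQL literals. The fix is to pass
  // $username, $nid and $context as bound parameters of a prepared statement.
  // The DB wrapper's API beyond selectOne($sql) / insert($sql) is not visible
  // from this file, so the calls are left as they are. TODO: move both queries
  // to bound parameters before this endpoint is exposed.
  $sql = "select * from user where username = '$username'";
  $data = $db->selectOne($sql);

  if (is_array($data) && count($data) > 0) {
    $uid = $data['id'];
    $sql = "insert into review (nid, uid, context,time) values ('$nid', '$uid', '$context',NOW())";
    if ($db->insert($sql)) {
      $reply(200, "评论成功");
    } else {
      // $data is the user row (an array) in this branch; concatenating it into
      // the message produced "Array" plus a conversion warning, so the row is
      // no longer appended.
      $reply(204, "评论失败");
    }
  } else {
    if (is_array($data)) {
      // Empty result: no user with that name.
      $msg = "请登陆后在评论";
    } else {
      // presumably selectOne() returns an error description on failure; if so
      // this sends database error text to the client. Confirm, and prefer
      // logging it server-side. Only scalars are appended, to avoid a
      // conversion error on other types.
      $msg = "评论失败: " . (is_scalar($data) ? (string) $data : '');
    }
    $reply(201, $msg);
  }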
?>